EU sanctions two Russian military officers over cyber attack against German parliament

A flag of Germany waves next to the dome of the Reichstag building where the German federal parliament Bundestag meets.
A flag of Germany waves next to the dome of the Reichstag building where the German federal parliament Bundestag meets. Copyright AP Photo/Michael Sohn
Copyright AP Photo/Michael Sohn
By Alice Tidey
Share this articleComments
Share this articleClose Button

Restrictive measures were imposed against the head of Russia's military intelligence agency. The 2015 attack resulted in a "significant amount of data" being stolen and affected Chancellor Angela Merkel's email account.


The European Union slapped sanctions on two Russian military officials on Thursday over a 2015 cyber-attack against the German parliament in which a "significant amount of data was stolen".

The bloc said in a statement that it had imposed travel bans and asset freezes against Igor Kostyukov, the head of Russia's military intelligence agency (GRU), and Dmitry Badin, a 29-year-old military intelligence officer for GRU's 85th Main Centre for Special Services also being sought by US authorities.

"The cyber-attack against the German federal parliament targeted the parliament's information system and affected its operation for several days. A significant amount of data was stolen and email accounts of several MPs as well as Chancellor Angela Merkel were affected," the EU said. 

The 85th Main Centre for Special Services —also known as "military unit 26165", "Fancy Bear" or "Pawn Storm — was also sanctioned. The EU said the agency "is responsible for cyber-attacks with a significant effect constituting an external threat to the Union or its member states."

It is also accused by the EU of being behind "the attempted cyber-attack aimed at hacking into the Wi-Fi network of the Organisation for the Prohibition of Chemical Weapons (OPCW) in the Netherlands in April 2018."

Russia has denied it is behind either of these attacks. 

The sanctions also mean that EU persons or entities are prohibited from making funds available to those listed. 

The EU adopted its so-called "cyber diplomacy toolbox" to "prevent, discourage, deter and respond to continuing and increasing malicious behaviour in cyberspace" in May 2019. 

The first sanctions were issued in July 2020 and affected six people, including two Chinese nationals and four Russian citizens, as well as three entities from China, Russia and North Korea. 

They were accused of taking part in the attempted hack against the OPCW, "Operation Cloud Hopper" which targeted multinationals around the world, and the "WannaCry" attack which targeted governmental and corporate services worldwide with ransomware.

Share this articleComments

You might also like

Germany charges man with passing Bundestag floor plans to Russia

US Secretary of State Pompeo blames Russia for massive government hack

Greek-owned cargo ship hit by twin missile attacks in Red Sea off Yemen